IETF Logo Mail Archive

Re: Telnet and FTP to Historic

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 02 December 2020 18:35 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A63233A1B4E for <ietf@ietfa.amsl.com>; Wed, 2 Dec 2020 10:35:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uS-8bOfXcGdQ for <ietf@ietfa.amsl.com>; Wed, 2 Dec 2020 10:35:09 -0800 (PST)
Received: from mail-yb1-f178.google.com (mail-yb1-f178.google.com [209.85.219.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 578123A166D for <ietf@ietf.org>; Wed, 2 Dec 2020 10:32:59 -0800 (PST)
Received: by mail-yb1-f178.google.com with SMTP id o71so2532668ybc.2 for <ietf@ietf.org>; Wed, 02 Dec 2020 10:32:59 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=AfQ34vK8ngqW80NKjCPeP4eHJuku2lDG66x39PIA7LA=; b=gxsvlQrBht8Qqx6Fc44N9Pm2kCNsanqMnsByG4MQvMQmZPKix6A50aIymOrMbm9tRa RUdRmZQ6wAB4rMG6K5xDRNaSuWCyOzRC4vpqhQ8hS8BuCMsCfTXEMaMmDVlq1K00yXAW CkIhoegs82l0GGjFftZITn2Y7hnWDKtW728EoTXC/VG4f2iV0QfjjgPb6fdSnfqH4mCb gAiVi5wDxktI3ifHx3eJZyeBBxTaiPCfmvzhM/W1o4q0B8XQhM4PkR5Hqc/gpAgdPD4c nOBmR2a5uXWzU0zYeY7EY4bEu50RpEu15i7wb9rmP4HFMRvHF2HaTH9Wok7L8IA+XW9D v5Vw==
X-Gm-Message-State: AOAM532rQClCKk8sel6yYzp3IgfGLv2QZKTLtlhxdop9L0n93Khwvbsr s/ecvc+1Kqv/gwNMIUYXNV355q+xWK9iWjv+nHI=
X-Google-Smtp-Source: ABdhPJwpAIVETY5ljt03QObMzI0UcoburN60+AQr+AxMSsTAgdqqegOYZPTtpOHi/wl2ArW219JHURqz2PqaqgLetZA=
X-Received: by 2002:a25:3bd2:: with SMTP id i201mr7212192yba.172.1606933978288; Wed, 02 Dec 2020 10:32:58 -0800 (PST)
MIME-Version: 1.0
References: <AA1E0A8464BC45FB4FA44684@PSB> <2D63A357-E253-462C-864D-2BF96D3E2E18@tzi.org> <F4CD3381C5D0E24C91FC4A91@PSB> <20201201030759.GJ5364@mit.edu> <5720F933910C959C9278EBCF@PSB> <CAMm+LwgpcLxSdzgfJy2441hjNWP=Fui-f8Oq1bZB=2QdZeOUNQ@mail.gmail.com> <0c5a4935-f0b6-4b86-dc0e-3b4466bc09a4@nostrum.com> <F1FF9720-AA72-4B92-ABE7-6E0E875059BA@tzi.org> <16446.1606931808@localhost>
In-Reply-To: <16446.1606931808@localhost>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Wed, 02 Dec 2020 13:32:46 -0500
Message-ID: <CAMm+Lwj51YLpwZLCxsVeg=6tBwaG845Kg4WN4hbA8Bv=pjjKrQ@mail.gmail.com>
Subject: Re: Telnet and FTP to Historic
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Carsten Bormann <cabo@tzi.org>, Adam Roach <adam@nostrum.com>, IETF Discussion Mailing List <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f4159b05b57f7832"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WMm11m7lfBevAwFTHz70CD9lcbM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 18:35:18 -0000

On Wed, Dec 2, 2020 at 12:57 PM Michael Richardson <mcr+ietf@sandelman.ca>
wrote:

>
> Carsten Bormann <cabo@tzi.org> wrote:
>     > On 2020-12-02, at 17:38, Adam Roach <adam@nostrum.com> wrote:
>     >>
>     >> If it helps: I've yet to find a system that lacks both telnet and
> nc (netcat) out of the box.
>
>     > Indeed, interestingly, for me, nc replaces the existing usages of
> both
>     > telnet and ftp (i.e., unencrypted and third-party transfers).  Except
>     > that my brain cannot teach my fingers to stop typing “telnet”, so I
>     > usually have that installed in some form (e.g., inetutils) as well.
>
> neither nc or telnet is installed on Ubuntu or Windows or openwrt by
> default now.
> I don't think it's installed by default on RASPbian either.
> (Hard for me to double check, as naturally, I wind up installing both
> immediately)
>
> Like Carsten, I have difficulty not using telnet when I should be using nc.
> (But, I don't find I should have -t on by default, which is why nc rather
> than telnet.  Ah, I remember back writing that proxy-telnet...)
>

I used to find this an issue and then I started to hit problems because
modern servers increasingly have timeouts on commands to prevent port
exhaustion DoS attacks. So I stopped debugging by hand and wrote a bunch of
different code...

But even if every developer needs to use telnet for debugging on a daily
basis, that is still no reason for telnet to keep its standards status. I
would like to see us being more aggressive in rendering old protocols
obsolete so as to encourage new ones. and to discourage continued use of
insecure protocols.


Take the main remaining use of FTP for example - syncing to cameras over
ethernet. Sure, thats one way to do it. But its insecure which is something
of a problem when the professionals using it are often reporters or
forensics practitioners.

v2.23.0 | Report a Bug | By Email